H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/2 header.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HDena H2o
APPDenaβ€ 2.2.3
π΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
CWE
Related vulnerabilities
CVE-2018-0608CRITICAL9.8ten sam produkt
Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a ...
CVE-2016-7835CRITICAL9.1ten sam produkt
Use-after-free vulnerability in H2O allows remote attackers to cause a denial-of-service (DoS) or obtain serve...
CVE-2023-30847HIGH8.2ten sam produkt
H2O is an HTTP server. In versions 2.3.0-beta2 and prior, when the reverse proxy handler tries to processes a ...
CVE-2021-43848HIGH7.4ten sam produkt
h2o is an open source http server. In code prior to the `8c0eca3` commit h2o may attempt to access uninitializ...
CVE-2017-10868HIGH7.5ten sam produkt
H2O version 2.2.2 and earlier allows remote attackers to cause a denial of service in the server via specially...